<?php
    include_once 'dblib/dblib.php';

    if(isset($_GET['s']))
    {   
        $name=$_GET['s'];
        $name=  mysql_real_escape_string($name);
        if(strlen($name)<3) exit("Πρέπει να πληκτρολογήσεται τουλάχιστον 3 χαρακτήρες για αναζήτηση");
        $query="SELECT * FROM `products` WHERE `title` LIKE '%{$name}%'";
    }
    else if(isset($_GET['cat'])){
        $cat=$_GET['cat'];
        $cat=  mysql_real_escape_string($cat);
        $query="SELECT * FROM `products` WHERE `idCategory`=$cat";
    }
    else if(isset($_GET['user'])){
        $user=$_GET['user'];
        $id=user_get_id($user);
        if(!$id) exit("Ο χρήστης δεν βρέθηκε");
        $query="SELECT * FROM `products` WHERE `idOwner`=$id->idUsers";
    }
    else exit;
    
    $result=DBLib::execute_query($query);
    $num=mysql_num_rows($result);
    if ($num == 0) die ("Nothing found");
    
    
    ?>  

<table border="1">
<tr>
<td>Title</td>
<td>Price</td>
<td>Description</td>
</tr>

<?php
	$row = mysql_fetch_array($result);
	
	while($row)
	{
           echo "<tr>";
	   echo"<td><a href='index.php?action=productpage&productId={$row['idProducts']}' >".$row['title']."</td>";
	   echo"<td>".$row['price']."</td>";
	   echo"<td>".$row['description']."</td></tr>";
           echo"</tr>";
           $row = mysql_fetch_array($result);
	}
?>
</table>